4A says "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures" so I would think the provider of the service could consider their data to be "their papers/effects" but is the provider a member of "the people" if it's not a sole proprietor?
Yes, providers can absolutely deny requests that aren't lawful. A company is within its right to say the data is their property stored on company property and a warrant is required to search it.
They probably could refuse, but isn’t selling access to surveillance information about you part of their business model? As they say, “we value your privacy…”
And that the client and provider can sign a contract forbidding the provider to disclose the information except under a warrant.